Problem: DNS Hijacking

Attention: open in a new window.

The Internet’s Directory Assistance — Widely trusted, but sadly not trustworthy.

The Domain Name System or DNS was created in 1983, a much more simple and trusting period in computing, to serve as directory assistance between a website domain name (www.yourname.com, for example) and an IP address. Flash-forward to the present, when cyber fraud, attacks and crime are all on the rise, and this trust has eroded considerably.

Many high-profile companies like CheckFree, Comcast, Baidu, Twitter, and even the international oversight body for domain names itself, ICANN, have become victims of DNS hijacking within the past few years. When this occurs, cyber criminals redirect a domain to a fraudulent Internet host. By hijacking an enterprise’s DNS, hackers can gain access to everything stored and shared within an organization: vital data like financial and customer information, passwords, emails and IMs proprietary documents and more. And these attacks affect more than just domains on the Web – they can impact all traffic and transactions throughout an entire extended enterprise.

In the CheckFree hijacking, hackers redirected CheckFree customers to a web address that installed malicious software (malware) during the electronic bill pay process. CheckFree’s 24 million customers were at serious risk. The hackers could have used their malware not just to access CheckFree users’ vital data, but also to swindle information from the financial industry’s hundreds of transaction partners. By exploiting connections through all levels of an extended enterprise, cyber criminals continually gain access to the core transactions that facilitate business.

IID’s internal team of experts, industry-leading proprietary systems, and vast network of industry relationships combine to ensure that these extended enterprise communication channels are being monitored – and threats mitigated. By doing this, IID secures an organization’s Internet presence and authenticates connections. To find out more about IID’s solution, ActiveTrust™ DNS click here.

Half of Fortune 500s, US Govt. Still Infected with DNSChanger Trojan

Posted 02/02/12 - krebsonsecurity.com

Key Internet operator VeriSign hit by hackers

Posted 02/02/12 - Reuters

4 Ways to Prevent Domain Name Hijacking

Posted 02/01/12 - CIO

More News

IID ActiveInterest Blog

Get your DNSChanger diagnosis today!

It was about 2 1/2 months ago that the FBI, in cooperation with other law enforcement agencies, took down the DNSChanger gang with Operation Ghost Click . You may recall that there was a court...
Continue reading

Posted 02/02/12 - Lars Harvey

Hacktivists Turn to DNS Hijacking

Hacktivists have started hijacking domain names, and that is not a good thing. DNS hijacks redirect all the traffic from their legitimate websites (and often all the e-mail and back-end...
Continue reading

Posted 01/24/12 - Lars Harvey

Call 888.239.6932